AIH-HSP V1.0 Architecture and Operation

(Informative)

1     Introduction

2     Actors

3     Services

1        Introduction

The Health Secure Platform architecture comprises a set of different systems and specific distributed services, enabling the following functionalities:

1. End Users acquire Health Data using AIH-HSP Apps running on their Front Ends.
2. Health Data is AI-processed using the local AI Framework.
3. End Users may upload their AIH Data to the Back End with an attached Model Licence – to be converted to a Smart Licence/Contract by the Back End.
4. The Smart Contract residing on a Blockchain governs the use that the Back End and Third-Party Users – qualified health-related entities – may make of the AIH Data.
5. The Back End may process End Users’ AIH Data in its local AI Framework based on the relevant Smart Contracts.
6. Registered Third-Party Users may access the Back End and request AI-processing of AIH Data present on the Back End based on the relevant Smart Contract(s).

Figure 1 – General Model of AIH-SHP V1.0

2        Actors

The Health Secure Platform identifies and recognises the following types of User and Data:

1. Users
   1. End User: a User collecting and processing AIH Data their with their Front Ends, and issuing Model Licences of their AIH Data to the Back End that converts them to Smart Contracts on a Blockchain. End User may control and audit the access and processing of their AIH Data by any Third-Party User based on the terms of the said Smart Contract.
   2. Third-Party User: any qualified third-party entity requiring access to the data on the system or the processing of the data and the extraction of knowledge by AI-based mechanisms. Third-Party Users include hospitals, clinics, research centres, caretakers, and others identified entities according to the MPAI-AIH Taxonomy. Access is granted according to the sub-licensing clauses of the Smart Contract between the End User and the Back End. Smart Contracts are based on approved templates verified for consistency, legal compliance, and technical security before release.
2. Data
   1. AIH Data: collected, locally processed, and uploaded  by End Users to the Back End, and stored, processed, and sublicensed  by the the Back End to Third-Party-Users based on the Terms specified by the relevant End-User Licence.
   2. External Data: sourced by platforms other than the Health Secure Platform from which the Back End may collect subsidiary data to integrate relevant information for AIH Data processing. 

3        Services

The Health Secure Platform is composed of a set of distributed components and services:

1. The Front End, the End User’s personal gateway to their external biometric sensors and any AIH Data that:
   1. Captures End User’s Health Data, e.g., from Google Fit and Apple Health, and external biometric sensors that capture Health Data.
   2. Locally stores AIH Data in a “Secure Data Vault” controlled by the End User.
   3. AI processes AIH Data using standard AIMs and AIWs downloaded from the MPAI-Store performing the computational operations on the End User’s AIH Data, including transformations, training, and inferences.
   4. Alerts the End-User about any deviation of the value of the AIH Data that may be caused, e.g., by disease, injury, or chronic conditions.
   5. Uploads the processed AIH Data to the Back End.
2. The AIH Back End, composed of a set of tools that implement the necessary services
   1. Securely stores, de-identifies and anonymises AIH Data, controls entity authentication and access to data, and licenses and audits the access to Back End AIH Data.
   2. Gathers anonymised data from End Users and acts as a broker gateway between Third-Part Entities requesting access to AIH Data and its providers.
   3. Grants access rights without referring to the identity of the End Users providing the data. The Back End may only grant the Third-Party User the rights to process AIH Data that the Back End has been specifically granted by the relevant End User.
3. Blockchain enables the system’s transparency and auditability. Each provision of and access to AIH Data requires the emission of a license in the form of a Smart Contract that is stored on the Blockchain. The Smart Contract contains information about:
   1. The parties, e.g., the End User sending AIH Data and the Back End, and any future Third-Party User requesting access to and processing of AIH Data.
   2. The Type of Third-Party User (per the MPAI-AIH Taxonomy).
   3. The AIH Data and AIH Models to be used.
   4. The Rights granted to use the AIH Data:
      1. Type of use of the AIH Data (per the MPAI-AIH Taxonomy).
      2.  Type of use of the processed AIH Data (per the MPAI-AIH Taxonomy).
   5. The duration of the Licence.
4. The AI Services offered by the Back End can be used directly to process the AIH Data on the Front End and extract the specific knowledge sought by the End User or Third-Party Users based on the Licence. These services are selected from those available from the MPAI Store and may be orchestrated to produce specific analyses for the Third-Party Users that request access to AIH Data. By means of data processing, AI services enable specific and customised training of Machine Learning Models to identify and assist in the identification of medical diagnosis and prognosis.
5. The AI Federated Learning System (FLS) orchestrates the learning of a central model for medical diagnosis and prognosis, namely by working as a medical anomaly detection tool, receiving Neural Network Model weights data from the Front End and using it under the terms of the Smart Contract that was established between the End User and the Back End. When an improved model is obtained by the FLS, this is uploaded to the MPAI-Store.